A new report from Gartner predicts that three-quarters of all mobile apps available in 2015 will fail basic security tests. "Enterprises that embrace mobile computing and bring your own device (BYOD) strategies are vulnerable to security breaches unless they adopt methods and technologies for mobile application security testing and risk assurance," said Dionisio Zumerle, principal research analyst at Gartner. "Most enterprises are inexperienced in mobile application security. Even when application security testing is undertaken, it is often done casually by developers who are mostly concerned with the functionality of applications, not their security."
The firm recommends static application security testing (SAST) and dynamic application security testing (DAST) for mobile applications, as well as tests that monitor the activities of background apps. "App stores are filled with applications that mostly prove their advertised usefulness. Nevertheless, enterprises and individuals should not use them without paying attention to their security," added Zumerle. "They should download and use only those applications that have successfully passed security tests conducted by specialized application security testing vendors."